what you don't know can hurt you
Showing 1 - 25 of 50 RSS Feed

Files Date: 2009-02-03

Core Security Technologies Advisory 2008.1009
Posted Feb 3, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Multiple integer overflow vulnerabilities have been discovered in UltraVNC and TightVNC, two (open source) remote control applications derived from the popular VNC software. The vulnerabilities cause a miscalculation of a buffer size on the heap, allowing an attacker to corrupt a VNC client heap and can probably allow code execution (exploitation is very likely). Affected packages include UltraVNC versions 1.0.2, 1.0.5, and TightVNC version 1.3.9.

tags | advisory, remote, overflow, vulnerability, code execution
advisories | CVE-2009-0388
MD5 | 65b9167f89ec00f966f5742d0c5bb8fd
Euphonics Audio Player 1.0 Buffer Overflow
Posted Feb 3, 2009
Authored by h4ck3r#47 | Site arab4services.net

Euphonic Audio Player version 1.0 local buffer overflow exploit that creates a malicious .pls file.

tags | exploit, overflow, local
MD5 | e01ee1e972f969a51154aa1f0c512e3b
WEBalbum 2.4b SQL Injection
Posted Feb 3, 2009
Authored by XORON

WEBalbum version 2.4b remote blind SQL injection exploit that leverages photo.php.

tags | exploit, remote, php, sql injection
MD5 | 95d3a5909a5c53fbac678b2db601a84b
Oracle 9iR2 Buffer Overflow
Posted Feb 3, 2009
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server version 9iR2 suffers from a buffer overflow vulnerability in SYS.OLAPIMPL_T.ODCITABLESTART.

tags | advisory, overflow
advisories | CVE-2008-3974
MD5 | 5b48a122594da7814992a1d1ac50ddba
Oracle Enterprise Manager SQL Injection
Posted Feb 3, 2009
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Enterprise Manager TARGET parameter suffers from a remote SQL injection vulnerability. Oracle Enterprise Manager 10g Grid Control 10.2.0.4 and previous patchsets are vulnerable.

tags | advisory, remote, sql injection
advisories | CVE-2008-5447
MD5 | 1537a20315c97569ccf17acb41a6dfc2
MyDesign Sayac 2.0 SQL Injection
Posted Feb 3, 2009
Authored by Kacak

MyDesign Sayac version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | cfe77f9e7017e882218c5e63c0ddb9b0
SMF Cookie Stealing
Posted Feb 3, 2009
Authored by Xianur0

Simple Machines Forums suffers from a cookie stealing vulnerability.

tags | exploit
MD5 | bf4150217570b358bfb72392318ea939
Online Game Script XSRF
Posted Feb 3, 2009
Authored by S1B3RK4N

Online Game Script cross site request forgery exploit.

tags | exploit, csrf
MD5 | 7b25ffe8d087eb41f4dcf1bb0d793727
Jaws 0.8.8 Local File Inclusion
Posted Feb 3, 2009
Authored by fuzion

Jaws version 0.8.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | eb039b0e70877f7d021438ccf765cbca
AJA Modules Rapidshare 1.0.0 Shell Upload
Posted Feb 3, 2009
Authored by Hussin X | Site tryag.cc

AJA Modules Rapidshare version 1.0.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | 87b6361193ecce0c167c00f46dcc7bfe
Phormer PhotoGallery 3.3.1 Insecure Cookie
Posted Feb 3, 2009
Authored by Hussin X | Site tryag.cc

Phormer PhotoGallery version 3.3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | ea47b4ee7e4c1d8b33058ed3de302b1e
Technote 7.2 Remote File Inclusion
Posted Feb 3, 2009
Authored by make0day

Technote 7.2 suffers from the same remote file inclusion vulnerability as Technote 7.0. Obviously, the authors did not feel this was an important fix for the following release.

tags | exploit, remote, code execution, file inclusion
MD5 | f790f6a112bed881c593b1cb5b98cb7d
BlazeVideo HDTV Player 3.5 Overflow
Posted Feb 3, 2009
Authored by LiquidWorm | Site zeroscience.mk

BlazeVideo HDTV Player versions 3.5 and below remote heap overflow exploit that generates a malicious .plf playlist file.

tags | exploit, remote, overflow
MD5 | 541722023d29b81ef68c3c0902c24011
Web Hacking Incidents Database Update
Posted Feb 3, 2009
Authored by Ofer Shezaf

This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).

tags | advisory, web
MD5 | dc975c07282f834dd82e3e27d03ec259
DreamPics Photo/Video Gallery SQL Injection
Posted Feb 3, 2009
Authored by XORON

DreamPics Photo/Video Gallery remote blind SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | 44aa0c8e22c7fc8fc79be0995e781785
Free Download Manager 3.0 Buffer Overflow
Posted Feb 3, 2009
Authored by SkD

Free Download Manager versions 3.0 Build 844 and below buffer overflow exploit that creates a malicious .torrent file.

tags | exploit, overflow
MD5 | d4fecceb8d30b229fd1abce4e45ac911
4Site CMS 2.6 SQL Injection
Posted Feb 3, 2009
Authored by D.Mortalov | Site wsec.ru

4Site CMS versions 2.6 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2dc58e2a811a04a5f7d510ef42fa52dd
Groone's Guestbook 2.0 Remote File Inclusion
Posted Feb 3, 2009
Authored by k3vin mitnick

Groone's Guestbook version 2.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | f339275b4bce05e581c896e6cc0e6630
Groone GLinks 2.1 Remote File Inclusion
Posted Feb 3, 2009
Authored by k3vin mitnick

Groone GLinks version 2.1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | ef9d10d810a6052d2cbdf8bc6d9642f6
Hex Workshop 6 .cmap Crash Exploit
Posted Feb 3, 2009
Authored by DATA_SNIPER

Hex Workshop version 6 invalid memory reference crash proof of concept exploit that makes a malicious .cmap file.

tags | exploit, denial of service, proof of concept
MD5 | a8fb46431d5659f48a9dfe90ebe921ae
TxtBlog 1.0 Command Execution
Posted Feb 3, 2009
Authored by Osirys | Site y-osirys.com

TxtBlog version 1.0 Alpha remote command execution exploit.

tags | exploit, remote
MD5 | 4ee4c952f8ba5514aec0cd0ac32415ca
HP Security Bulletin 2008-01.7
Posted Feb 3, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running IPv6. This vulnerability could be exploited remotely resulting in a Denial of Service (DoS) and unauthorized access.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2008-2476, CVE-2008-4404
MD5 | 2a251b867c93a7b74169ef1dc3e040d2
Nokia Multimedia Player 1.1 Heap Overflow
Posted Feb 3, 2009
Authored by 0in | Site dark-coders.4rh.eu

Nokia Multimedia Player version 1.1 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, proof of concept
MD5 | d98d16a5cf55d956b8f6df5b5151f64b
Bugzilla XSRF Randomization Vulnerability
Posted Feb 3, 2009
Site bugzilla.org

Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, generated insufficiently random numbers, resulting in all random tokens being the same, all CSRF protection being defeated, and the new attachment_base functionality being compromised.

tags | advisory, csrf
MD5 | e15a8197fb7cfed55c0fce6cbaa4d74e
WholeHogSoftware Password Protect Insecure Cookie
Posted Feb 3, 2009
Authored by Stack | Site v4-team.com

WholeHogSoftware Password Protect suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 4531892764868b5118bff08e027da992
Page 1 of 2
Back12Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close